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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 04 April 2006 . 
2a)D This action is FINAL. 2b)S This action is non-final. 
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8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)Q accepted or bO objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
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DETAILED ACTION 



1. 



Claims 15-17 have been added. 



2. 



Claims 1 and 8 have been amended. 



3. 



Claims 1-17 are pending. 



Claim Rejections - 35 USC § 102 



1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-17 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Newman et al. (Pub No. 2003/0046572). 

Regarding claims 1 and 8, Newman et al. discloses a method and program 
storage of internally encrypting data in a relational database, comprising the steps of: 

providing a security dictionary (DBENCRYPT package) comprising one or more 
security catalogs (DBENCRYPT_KEYS table) receiving the data from a user (See page 
1 , Section 0004 and page 2, Sections 0027-0030) 

associating the data with a database column and at least one authorized user, 
generating a working encryption key (data key), internally encrypting the working 
encryption key using a public key from an authorized user (See page 3, Sections 0031- 
0034) 
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storing the encrypted working key in a security catalog and internally encrypting 
the data within the database engine using the working key (See page 3, Section 
0035) 

Furthermore, Newman et al. discloses Newman discloses a relational database 
management system for internally encrypting non-relational data (See Page 1 , Section 
0010). Within the relational database management system, a DBENCRYPT package 
(security dictionary) is provided for storing all of the information that is used to manage 
data objects within the relational database. (See Page 2, Section 0028) The 
DBENCRYPT package comprises one or more catalogs known as DBENCRYPT_KEYS 
table. The DBENCRYPT KEYS table contains two security features in which data can 
only be stored within the table based upon an authentication mechanism and the 
encryption key used to update information within the table is never stored in the 
database. Therefore, the information can never be updated by anyone without 
authorization through the use of an authentication mechanism and/or a password. (See 
Page 3; Section 0032-0035 and Page 4, Sections 0043-0044). 

Regarding claims 2 and 9, Newman et al. discloses the claimed limitation 
wherein the step of generating a private key needed to decrypt the encrypted working 
key (See page 3, Section 0037) 

Regarding claims 3 and 10, Newman et al. discloses the claimed limitation 
wherein the public key is a password and is used by the system to look up the private 
key (See page 3, Sections 0043-0050, page 4, Sections 0051-0059) 
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Regarding claims 4 and 11, Newman et al. discloses the claimed limitation 
wherein the step of associating the data with a database column and a user is 
accomplished with an extended SQL syntax and further comprises the step of creating a 
relational database object comprising: 

the identity of the authorized user, (See page 4, Section 0064-0066) 

a relational database table, (See page, Section 0067) 

the identity of column within the relational database table, and (See page 4, 
Section 0069) 

one or more security flags the flags indicating user privileges to access the data 
(See page 4, Sections 0070-0071) 

Furthermore, Newman discloses encryption of data associated with a database 
column by providing the user with row-level encryption within the tables of the database 
using SQL syntax as a means for improving data encryption within a relational database 
management system. (See Page 1, Sections 004-005) 

Regarding claims 5 andM2, Newman et al. discloses the claimed limitation 
wherein the working key is provided by the user (See page 3, Sections 0035-0036) 

Furthermore, Newman discloses when the user attempts to access encrypted 
data, the encrypted data key (working key) for the current user is retrieved from the 
DBENCRYPT_KEYS table and is decrypted with the RSA algorithm using the private 
key stored in the application context. (See Page 3, Section 0037) 
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Regarding claims 6 and 13, Newman et al. discloses the claimed limitation 
wherein the working key is randomly generated (See page 2, Section 0019, page 3, 
Section 0034) 

Regarding claims 7 and 14, Newman et al. discloses the claimed limitation 
wherein the steps of: 

receiving a query and private key from a user, 

checking the ownership of an encrypted column using the security catalog to 
verify the user is authorized, 

internally decrypting the encrypted working encryption key with the private key, 
internally decrypting the encrypted column with the working key, 
processing the query, and 

returning an answer to the query to the user (See page 4, Sections 0072-0080, 
page 5, Sections 0081-0089) 

Furthermore, Newman discloses SQL syntax for improving data encryption within 
a relational database management system. A SQL is defined as a structure used to 
query a relational database (See Page 1 , Section 004) The private key from a user is 
checked for ownership by verifying the user is authorized. (See Page 4, Section 0071) 
The working key (encrypted data key) is decrypted with the private key (See Page 3, 
Section 0037) An answer is returned to the query to the user (See Page 4, Sections 
0067-0069) 

Regarding claims 15 and 16, Newman et al. discloses the claimed limitation 
wherein the step of writing the encrypted data into a database disk page, after the step 
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of internally encrypting the data within the database engine using the working key (See 

page 2, Section 0028, page 4, Sections 0071-0078) 

Regarding claim 17, Newman et al. discloses a method of internally creating 

index for encrypted data, comprising the steps of: 

fetching encrypted data pages from storage (See page 4, Section 0067), 
computing a data encryption/decryption key (See page 4, Section 0068), 
decrypting the data to form plaintext data pages (See page 4, Section 0069), 
using the plaintext data pages, building an index and forming index pages (See 

page 4, Section 0071) 

and encrypting the index pages (See page 4, Sections 0070, 0072) 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Courtney D. Fields whose telephone number is 571- 
272-3871 . The examiner can normally be reached on Mon - Thurs. 6:00 - 4:00 pm; off 
every Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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